Skip to main content

SMTP Authentication Methods

Motorical supports multiple authentication methods to match your security requirements and use case.

Method Comparison

MethodBest ForSetup TimeSecurity LevelTechnical Level
🟢 Basic AuthEmail clients, scripts, general use2 min★★★☆☆Beginner
🔵 API KeyWeb apps, REST APIs, automation2 min★★★★☆Developer
🟣 OAuth 2.0Enterprise SaaS, multi-user apps10 min★★★★★Advanced
🔴 mTLSHigh-security, compliance, fintech15 min★★★★★Expert

Basic Authentication

The simplest method — use your Motor Block username and password.

Configuration:

SMTP Server: mail.motorical.com
Port: 2587 (or 587)
Security: STARTTLS
Username: [your-motor-block-username]
Password: [generated-password]

Best for: Personal projects, email client setup (Gmail, Outlook, Thunderbird), testing, legacy systems.

API Key Authentication

Token-based authentication where the API key is used as the SMTP password. Tokens are revokable without changing your main credentials.

SMTP Usage:

Username: your_motor_block_username
Password: your_api_key  (used as password)

HTTP API Usage:

curl -X POST https://api.motorical.com/v1/send \
  -H "Authorization: ApiKey mk_live_YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "from": "sender@yourdomain.com",
    "to": ["recipient@example.com"],
    "subject": "Test Email",
    "text": "Hello from Motorical!",
    "html": "<p>Hello from <strong>Motorical</strong>!</p>"
  }'

You can also pass the key via X-Api-Key header. The to field accepts a single string or an array. Both text and html body fields are supported (at least one is required).

Advanced features: Per-key rate limiting, usage analytics, webhook notifications, domain validation.

OAuth 2.0 (Coming Soon)

Enterprise-grade authorization with automatic token refresh, granular permission scopes, and audit logging.

Flow:

  1. Get authorization URL
  2. User authorizes access
  3. Exchange code for tokens
  4. Use access token for SMTP

Best for: Enterprise SaaS, multi-user applications, compliance-heavy environments.

Mutual TLS (mTLS)

Certificate-based mutual authentication for maximum security. Both client and server verify each other's identity.

Setup:

  1. Download certificate bundle from your Motor Block settings
  2. Extract client certificate and key
  3. Configure your SMTP client with the certificate files
openssl s_client -connect mail.motorical.com:2587 \
  -cert your_client.crt \
  -key your_client.key \
  -verify 3 -showcerts

Features:

  • Zero-trust network compatible
  • SOC 2, HIPAA ready
  • Hardware Security Module (HSM) support
  • Automatic certificate lifecycle management

Best for: Financial services, healthcare, compliance-mandated environments.